A Day in the Life of npm Security — André Eleuterio is the ‘vulnerability coordinator of that npm security inbox’, which means he gets to analyze all of the various vulnerability reports coming in regarding npm packages.

A Security Expert's POV on Node Dependency Management — Nearly all of the packages in the npm repository are safe to use, but... you can never be too careful. This post takes “an application security expert’s point of view” on which practices you should be adopting in your own projects.